public ChangePasswordResponse ChangePassword(ChangePasswordRequest request) { Platform.CheckForNullReference(request, "request"); Platform.CheckMemberIsSet(request.UserName, "UserName"); Platform.CheckMemberIsSet(request.CurrentPassword, "CurrentPassword"); Platform.CheckMemberIsSet(request.NewPassword, "NewPassword"); var now = Platform.Time; var user = GetUser(request.UserName); // ensure user found, account is active and the current password is correct if (user == null || !user.IsActive(now) || !user.Password.Verify(request.CurrentPassword)) { // no such user, account not active, or invalid password // the error message is deliberately vague throw new UserAccessDeniedException(); } // check new password meets policy PasswordPolicy.CheckPasswordCandidate(user.AccountType, request.NewPassword, this.Settings); var expiryTime = Platform.Time.AddDays(this.Settings.PasswordExpiryDays); // change the password user.ChangePassword(request.NewPassword, expiryTime); return new ChangePasswordResponse(); }
public ChangePasswordResponse ChangePassword(ChangePasswordRequest request) { if (Membership.Provider.ChangePassword(request.UserName, request.CurrentPassword, request.NewPassword)) return new ChangePasswordResponse(); throw new FaultException<UserAccessDeniedException>(new UserAccessDeniedException()); }
public void ChangePassword(string userName, string oldPassword, string newPassword) { try { var request = new ChangePasswordRequest(userName, oldPassword, newPassword); Platform.GetService( delegate(IAuthenticationService service) { service.ChangePassword(request); Platform.Log(LogLevel.Info, "Password for {0} has been changed.", userName); }); } catch (FaultException<UserAccessDeniedException> ex) { throw ex.Detail; } catch(FaultException<RequestValidationException> ex) { throw ex.Detail; } }